Category Archives: Publications

Since the latest edition of Practical Packet Analysis has been released, so many people have been sending me pictures of their copies. It’s been so amazing that I’ve decided to make a contest of it and reward those of you who bought the book and are so enthusiastic about it!

About a month ago I shared that I am developing an online packet analysis course with the same name as the book. This course officially opens in June and is packed with over 40 hours of packet analysis videos and plenty of hands-on labs and packet captures for you to play around with. You can learn more about this course here: http://chrissanders.org/training/#ppa.

This is your opportunity to win a FREE seat in the course. But, it’s only if you’ve already purchased the book. I want you to take a picture of the book and send it to me at chris@chrissanders.org with the subject “PPA Photo Contest”. Now, it’s not quite that simple. I’m going to pick the winner based on who sends me the most creative picture. That can mean taking the book to an exotic locale, a simple action shot of you using the book to dissect some packets, or even a picture of the book with your dog. The sky is the limit, just don’t do anything illegal or dangerous 🙂

The official rules:

Your submission must be received by midnight EST on May 10th. If you were thinking about buying the book, this gives you a chance to purchase and receive it and still take your photo.

You must consent to allow me to share your picture on social media and my blog. I won’t share them all, but I will share some of my favorites.

I will pick one overall winner who will receive a free seat in the PPA online course. If you are already registered for this course, you can exchange that license for a seat in my Investigation Theory course.

I will pick a few “honorable mention” winners who will receive discount codes for any of my courses of your choosing, or free seats in my information security writing course.

So, what if you bought an electronic copy of the book? You can still enter! Just take your picture showing the book in your e-reader application or on your tablet. However, when you submit your entry please include a receipt showing your purchase. That can be a screenshot of your Amazon order page or the e-mail receipt from No Starch Press.

That’s it! The contest begins NOW and ends at midnight May 10th. I’m looking forward to seeing how creative you can be!

A few weeks ago on Twitter, I teased that I was working on a new podcast called “Source Code”. Creating a podcast is something I’ve always wanted to do, but I’ve never really had the opportunity to pursue it until now. There are a lot of great podcasts in the information security space already, and I’ve been fortunate enough to be guests on a couple of them. So, what makes mine different (aside from being able to make fun of my accent)?

Source Code is an information security podcast that’s all about education. Rather than simply providing technical segments or news, Source Code is focused on the people that push information security forward and battle in the trenches every day.

We interview practitioners from every facet of information security about their origin story. This includes how they got their start, how they got into the field, and the career decisions that made them successful (or slowed them down) along their path. It’s the story of their source code — what makes them tick. We also talk about current opinions on the state of security education to include what we’re doing right and what we’re doing wrong.

You’ll hear from plenty of household names you’ve heard of, as well as some people you should know about with interesting back stories and unique contributions to the field. Source Code celebrates the diversity of backgrounds that makes information security a unique place to exist.

The #1 question I get asked is “How do I get into infosec?” My hope is that through this podcast, I create a library of stories that can help answer that question by showing people that there are a ton of different ways to get started, and each one can lead to great success.

Ten years after releasing the first edition of Practical Packet Analysis, the third edition is finished and has been released! It’s hard to believe it’s been so long. So far, existing editions have sold tens of thousands of copies, been translated into multiple languages, and been used as a textbook in multiple college courses. I’m very humbled by the success the book has seen over the past decade.

If you’ve never read Practical Packet Analysis…

the key word I want to focus on is Practical. There are a lot of books about networking and protocols out there that get into the specific details at a magnified level, but this isn’t that book. This book is written for people who need to do things like solve network issues, troubleshoot latency, or investigate security threats. Capturing packets is easy, but understanding them isn’t, and PPA is designed to give you the practical knowledge you need to get started down the right path. Practical Packet Analysis was the first book of its kind a decade ago, and the approach I’ve taken is unlike any other book you’ll find on the topic.

If you’ve read one of the previous editions…

I think you’ll like the new one too. Much of the introductory material is the same, but I’ve added quite a bit of new content:

Updated content for Wireshark 2.

A new chapter on packet analysis from the command line with tshark and tcpdump.

A bonus chapter on how to read packets in hex using packet diagrams.

New protocol coverage of IPv6 and SMTP.

All new scenarios related to network troubleshooting, internet of things devices, and security scenarios.

Charitable Contributions from Book Sales

A significant portion of the royalties from Practical Packet Analysis will be going to support a number of charities. This includes the Rural Technology Fund, the Against Malaria Foundation, and several others. Through your purchase of my books we’ve been able to put computer science resources into the hands of over 10,000 students just last year alone, purchase life saving mosquito nets for thousands of African families, and so much more. I’m thrilled to be able to use my work to serve others, and I hope you’ll share in that joy with me.

Acknowledgements

First of all, I want to sincerely thank everyone who has ever purchased any of the prior editions. I know you work hard for your money, so I’m glad my work was deemed worthy of your contribution and your time. As I always do, I want to share the acknowledgements and dedications you’ll find in the first few pages.

I’d like to express sincere gratitude for the people who’ve supported me and the development of this book.

Ellen, thank you for your unconditional love and for putting up with me pecking away at the keyboard in bed for countless nights while you were trying to sleep.

Mom, even in death the example of kindness you set continues to motivate me. Dad, I learned what hard work was from you and none of this happens without that.

Jason Smith, you’re like a brother to me, and I can’t thank you enough for being a constant sounding board.

Regarding my coworkers past and present, I’m very fortunate to have surrounded myself with people who’ve made me a smarter, better person. There’s no way I can name everyone, but I want to sincerely thank Dustin, Alek, Martin, Patrick, Chris, Mike, and Grady for supporting me every day and embracing what it means to be servant leaders.

Thanks to Tyler Reguly who served as the primary technical editor. I make stupid mistakes sometimes, and you make me look less stupid. Also, thanks to David Vaughan for providing an extra set of eyes, Jeff Carrell for helping edit the IPv6 content, Brad Duncan for providing a capture file used in the security chapter, and the team at QA Café for providing a Cloudshark license that I used to organize the packet captures for the book.

Of course, I also have to extend thanks to Gerald Combs and the Wireshark development team. It’s the dedication of Gerald and hundreds of other developers that makes Wireshark such a great analysis platform. If it weren’t for their efforts, information technology and network security would be significantly worse off.

Finally, thanks to Bill, Serena, Anna, Jan, Amanda, Alison, and the rest of the No Starch Press staff for their diligence in editing and producing all three editions of Practical Packet Analysis.

Dedication

This time around, rather than dedicating the book to an individual, I chose to include the first verse of one of my favorite songs, “Amazing Grace”. These words have profound meaning, and they just felt right positioned as the first words you’ll read in these pages.

“Amazing grace, how sweet the sound That saved a wretch like me. I once was lost but now I’m found. Was blind but now I see.”

Reviews

Finally, if you do end up with a copy of Practical Packet Analysis, I’m always grateful for a review on the book’s Amazon page. A positive review is the most meaningful way to help an author whose work you enjoyed. If you’d rather share your review with me directly, don’t hesitate to e-mail me. I’m always happy to hear your feedback.

I’ll be using the list to occasionally collect feedback about research I’m doing and to send out preliminary research and content that won’t be appearing on the blog. If you’re interested in my work, this is a great way to contribute and benefit from it. I’ll also be sharing details about some new training content I have coming up and how you can get free or discounted access by signing up early and providing feedback. Lastly, I’ll provide information about new publications, discount codes, and the occasional free book giveaway.

All of the royalties from Practical Packet Analysis and Applied NSM are donated to public school classrooms as well as a specific group of charities. Halfway through 2015, your purchases of these books funded the following:

Dupo, IL – One Apple TV
This device will allow students to broadcast tablets to the classroom and will allow for group interaction with a limited number of devices.

Ypsilanti, MI – Two Raspberry Pi starter kits and touch screen LCDs
Will be used to teach students how to code and debug programs.

Brunswick, GA – Lego Mindstorms kit and circuit building kits
Equipment will be used for an elementary school maker space

Bassett, VA – 3D Printer
Printer will be used as a part of a Maker Space in the elementary school’s library

Orlando, FL – Four DragonTouch Tablets
These devices will allow for customized tech learning plans to be delivered to elementary school students.

Lyndonville, VT – 3D Printer
Printer will be used as a part of a new technology design class focused on STEM education

Stone Mountain, GA – Ten Raspberry Pi kits and five RC robotics kits
Used for developing a technology course to teach kids about programming and robotics

New Lothrop, MI – Two Arduino kits, red boards, soldering kits, and misc sensors
Used in high school technology classes to teach kids about electronics, soldering, and programming

Claysville, PA – Ten Arduino invention kits
Allowing middle school students to explore and invent things that will teach them about electronics, robots, and coding

Stay Updated!

I use my mailing list to send out exclusive content, training discounts, and it's the best way to stay up to date on new classes I conduct on topics like network security monitoring, packet analysis, technical writing, and more.


Applied Network Security Monitoring

Applied Network Security Monitoring is the essential guide to becoming an NSM analyst from the ground up. This book takes a fundamental approach, complete with real-world examples that teach you the key concepts of NSM.

Practical Packet Analysis

It's easy to capture packets with Wireshark, the world's most popular network sniffer, whether off the wire or from the air. But how do you use those packets to understand what's happening on your network? This extensively revised second edition of the best-selling Practical Packet Analysis will teach you how to make sense of your PCAP data.

100% of the author royalties for sales of Practical Packet Analysis go to support the Rural Technology Fund

Rural Technology Fund

Established in 2008, the Rural Technology Fund (RTF) seeks to reduce the digital divide between rural communities and their more urban and suburban counterparts. This is done through targeted scholarship programs, community involvement, and the general promotion and advocacy of technology in rural areas.